Now that Thanksgiving is over, we all know to expect a deluge of advertisements, emails, jingles, etc. about Christmas. And mixed into that deluge of merchandise is malicious clickbait. It is really important to warn friends and family not to assume that all the emails that will pour into our inbox are legitimate. And so it has begun. Check out these two examples of holiday cheer misery….
The first is a Black Friday pitch to purchase a personalised letter from Santa for your child. Of course, we would write “personalized.” This spelling difference tells us, according to StackExchange.com, that the creator of this clickbait is from a UK influenced country, not the United States. In any case, the links point back to a malicious domain sitting on a server in London.
And then we received another malicious clickbait disguised as a personalized letter from Santa. But the email came from, and links point back to the crap domain lettrchrismas[.]monster! This monstrous misspelling of “letter Christmas” was registered the same day this email was sent, November 26, 2019. And this awful domain is sitting on a server in Bhopal, India! At least the Zulu URL Risk Analyzer has identified this domain as malicious!
Bottom line…. Look carefully before clicking and don’t assume it’s safe just because the content is about Christmas!